#regulatory-classification

#regulatory-classification

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.

The ALTA Elite Provider Program recognizes service providers that demonstrate a strong commitment to supporting the title insurance industry and the professionals who serve consumers every day, ALTA CEO Chris Morton said in the announcement.

A Microsoft spokesperson told Business Insider on Thursday that the company's "lawyers have studied the designation and have concluded that Anthropic products, including Claude, can remain available to our customers." Claude will still be available to customers through platforms such as M365, GitHub, and Microsoft's AI Foundry, except for the Department of War.

"Creating a modern, fair and dynamic labour market is central to this Government's plan for growth," she said. "We want to make it easier for employers to find the people they need, while ensuring that work pays and feels secure. "Through clear guidance, we are giving businesses the practical support they need to understand these changes and get things right first time. By improving fairness and security at work, we boost productivity, strengthen retention and support businesses to succeed."

Rather than stolen data making headlines, it was business stoppage that triggered attention. Moving into 2026, the board's focus should be on ensuring business continuity and building resilience in the face of emerging risks generated by AI usage and attack vectors, quantum computing and geopolitics.

As Theresa Defino recently reported, HHS OCR will prioritize risk assessments and expand its investigations into risk management in 2026. Alisa Chestler and Layna Cook Rush of Baker Donelson have summarized some recent recommendations from HHS OCR's January 2026 Cybersecurity Newsletter that regulated entities may want to pay increased attention to at this point: Patching Is a Required Risk Management Activity Legacy Systems and Unpatchable Vulnerabilities Are Not Excuses Unnecessary Software and Default Accounts Create Hidden Risk

As audit committees confront a rapidly expanding risk landscape, their role in corporate governance is being reshaped. Boards have often turned to current and former CFOs as independent directors, particularly for audit committees, because of their ability to translate complex operational and financial realities into effective oversight.For example, this month, J. Michael Hansen, former EVP and CFO of Cintas Corporation, was appointed to the audit committee at Paychex.

There is a growing emphasis on database compliance today due to the stricter enforcement of compliance rules and regulations to safeguard user privacy. For example, GDPR fines can reach £17.5 million or 4% of annual global turnover (the higher of the two applies). Besides the direct monetary implications, companies also need to prioritize compliance to protect their brand reputation and achieve growth.

Businesses are acting fast to adopt agentic AI- artificial intelligence systems that work without human guidance-but have been much slower to put governance in place to oversee them, a new survey shows. That mismatch is a major source of risk in AI adoption. In my view, it's also a business opportunity. I'm a professor of management information systems at Drexel University's LeBow College of Business,

If your partner in Munich mishandles customer data, or your reseller in Paris uses a "black box" AI tool to generate deceptive ads, it isn't just their reputation on the line. It's yours. With the EU AI Act now in full swing and GDPR entering its "mature enforcement" era, the distance between a partner's mistake and your company's $20 million fine has never been shorter.

How do privacy regulators decide which companies to poke? Often, it's a consumer complaint. Other times, it's a headline. And, sometimes, it's just personal. Regulators are consumers, too, after all. But it's important to remember that every brush with a regulator doesn't turn into a full-blown case, said privacy attorney Tyler Bridegan. Bridegan spent nearly two years as director of privacy and tech enforcement for the Texas attorney general's office. He left government work and returned to private practice in October as a partner at Womble Bond Dickinson.

There's been an explosion in the growth of corporate eLearning initiatives in the post-COVID era. That's due in part to the growth in remote work and geographically distributed teams. Unfortunately, there are always growing pains when any corporate initiative scales up in a hurry. In the case of eLearning, one of those growing pains is a tendency to let data privacy standards fall by the wayside.

To all employees, this company takes data protection very seriously. It has a material impact on our operations. The CIO and IT Director are in charge of those policies. If one of them comes to your business unit and gives you an instruction, take it as seriously as you would instructions from any other C-level, including myself. As of this date, know this: If you disregard or otherwise violate any IT instruction, you better pray that they are wrong.

I belong to six professional organizations. Or maybe it's 13, 19, 26, or 47. I can't be sure. The ones where I pay dues or volunteer I know well: ASIS International, the Life Safety Alliance, Chartered Security Professionals, and a couple of others. Then come the niche and industry-specific associations like the International Council of Shopping Centers, public-private partnerships such as OSAC and Infragard, and the countless ASIS Communities.